loops / 5dive-ai / loops / daily-malicious-code-scan

Daily Malicious Code Scanner

securityimported
Installation
$npx agenticloops install daily-malicious-code-scan
Summary

Scans the last 3 days of code changes daily for supply-chain and malicious patterns, raising code-scanning alerts.

  • Runs Daily, on any harness.
  • Uses skills: security, code-review, github.
  • Needs cli gh, secrets GITHUB_TOKEN — checked at install; secrets are prompted, never in the file.
  • Runs at the standard capability tier (balanced model); the harness picks the model.
What it does
Daily, analyze code changes from the last 3 days for suspicious patterns indicating malicious activity or supply-chain compromise, and create code-scanning alerts for anything suspicious.
LOOP.md
---
name: daily-malicious-code-scan
description: Daily Malicious Code Scanner · Scans the last 3 days of code changes daily for supply-chain and malicious patterns, raising code-scanning alerts.
schedule: daily @ 05:00
skills: [security, code-review, github]
requires:
  cli: [gh]
  secrets: [GITHUB_TOKEN]      # names only
tier: standard            # frontier | standard | fast
effort: medium
concurrency: skip
tags: [security, dev, github]
license: MIT
---

Daily, analyze code changes from the last 3 days for suspicious patterns indicating malicious activity or supply-chain compromise, and create code-scanning alerts for anything suspicious.
Installs
tracking soon
Adapted from
githubnext/agentics ↗
original author: githubnext
GitHub Stars
☆ 813
First Seen
Jun 30, 2026
License
MIT
Trigger
◷ Daily